﻿Imports System.Data
Imports System.Data.SqlClient
Imports System.Net
Imports System.IO
Imports System.Xml

Public Class Add_new_User
    Inherits System.Web.UI.Page

    Private strError As String
    Private dt_Edit_User As DataTable
    Private dr_Edit_User As DataRow
    Public Sub validation(ByVal sender As Object, ByVal e As System.EventArgs)
        strError = ""
        Dim strUserID = ""
        Dim strSQLExist As String
        strUserID = Session("Edit_User")
        'Test it is Edit or New
        If strUserID <> "" Then
            checkValidation()
           
            updateUser(strUserID)
        Else

        End If
        strSQLExist = "SELECT * FROM [User] WHERE User_Number='" & txtID.Text & "'"
        If CommonUtil.commonExecuteNonQuery(strSQLExist) = False Then
            strError = "Your V Numver has already existed"
        Else

        End If

        'Display Message
        If strError = "" And strUserID = "" Then 'No error
            insertUser()
            lblResult.Text = "Your record has been save successfully"

        ElseIf strError = "" And strUserID <> "" Then
            updateUser(strUserID)
            lblResult.Text = "Your record has been update successfully"
        Else
            lblResult.Text = strError
            txtConfirmPassword.Text = ""
            txtFullName.Text = ""
            txtID.Text = ""
            txtPassword.Text = ""
            txtPosition.Text = ""
            txtID.Focus()
        End If

    End Sub
    Private Sub checkValidation()
        If txtID.Text = "" Then
            strError = "User ID cannot be blank" & "<br />"
        End If
        If txtPassword.Text = "" Then
            strError += "Password cannot be blank" & "<br />"
        End If

        If txtConfirmPassword.Text = "" Then
            strError += "Confirm password cannot be blank" & "<br />"
        Else
            If txtPassword.Text <> txtConfirmPassword.Text Then
                strError += "Password does not match" & "<br />"
            End If
        End If
        If txtFullName.Text = "" Then
            strError += "Full name cannot be blank" & "<br />"
        End If

        If txtPosition.Text = "" Then
            strError += "Position cannot be blank" & "<br />"
        End If
    End Sub

    'Public Function maxRow() As Integer
    '    Dim nextRow As Integer
    '    Dim Sql As String
    '    Dim table As String = "[User]"
    '    Sql = "Select max(User_Number) as maxRow from [User]"
    '    nextRow = CommonUtil.maxRow(Sql, table)
    '    Return nextRow
    'End Function

    ''' <summary>
    ''' 
    ''' </summary>
    ''' <remarks></remarks>
    Public Sub insertUser()

        Dim strAdmin As String = "False"
        If chkAdmin.Checked Then
            strAdmin = "True"
        Else
            strAdmin = "False"
        End If
        Dim txtID As String = Page.Request.Form("txtID")
        Dim txtPassword As String = Page.Request.Form("txtPassword")
        Dim txtConfirmPassword As String = Page.Request.Form("txtConfirmPassword")
        Dim txtFullName As String = Page.Request.Form("txtFullName")
        Dim txtPosition As String = Page.Request.Form("txtPosition")
        Dim table As String = "[User]"
        Dim Sql As String
        'Dim nextRow As Integer = maxRow()
        Sql = "insert into [User] ( User_Number, User_Password,User_Name,User_Position,User_Admin, User_Expired) values (" & _
       "'" & txtID & "'," & "'" & txtPassword & "'," & "'" & txtFullName & "'," & "'" & txtPosition & "'," & "'" & strAdmin & "'," & "'False')"
        CommonUtil.executeSQL(Sql, table)
    End Sub
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Session("Edit_User") <> "" Then
            Edit_User()
            btnCancel.Visible = True
        End If
    End Sub
    Public Sub Cancel()
        Session.Remove("Edit_User")
        Response.Redirect("Admin_Page.aspx")
    End Sub

    Public Sub updateUser(ByVal strUserID As String)
        Dim txtID As String = Page.Request.Form("txtID")
        Dim txtPassword As String = Page.Request.Form("txtPassword")
        Dim txtConfirmPassword As String = Page.Request.Form("txtConfirmPassword")
        Dim txtFullName As String = Page.Request.Form("txtFullName")
        Dim txtPosition As String = Page.Request.Form("txtPosition")
        Dim table As String = "[User]"
        Dim stSQLlUpdate As String
        ' Dim nextRow As Integer = maxRow()
        stSQLlUpdate = " Update [User] SET User_Number='" & txtID & "', User_Password='" & txtPassword & "', User_Name='" & _
            txtFullName & "', User_Position='" & txtPosition & "' WHERE User_Number='" & strUserID & "'"

        CommonUtil.executeSQL(stSQLlUpdate, table)

    End Sub
    Public Sub Edit_User()
        Dim strSQL, strUser_Number As String
        strUser_Number = Session("Edit_User")
        Dim dts As New DataSet

        strSQL = "SELECT * FROM [USER] WHERE User_Number='" & strUser_Number & "'"
        dts = CommonUtil.executeSQL(strSQL, "USER")
        dt_Edit_User = dts.Tables("USER")
        For Each Me.dr_Edit_User In dt_Edit_User.Rows
            txtID.Text = dr_Edit_User("User_Number")
            txtPassword.Text = dr_Edit_User("User_Password")
            txtConfirmPassword.Text = dr_Edit_User("User_Password")
            txtPosition.Text = dr_Edit_User("user_position")
            txtFullName.Text = dr_Edit_User("User_Name")
            If dr_Edit_User("User_Admin") = "True" Then
                chkAdmin.Checked = True
            Else
                chkAdmin.Checked = False
            End If
        Next
        txtID.Enabled = False
    End Sub

    'Protected Sub btnReset_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnReset.Click
    '    txtID.Text = ""
    '    txtPassword.Text = ""
    '    txtConfirmPassword.Text = ""
    '    txtFullName.Text = ""
    '    txtPosition.Text = ""
    'End Sub

End Class